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Network client requests workstation 
credentials from Local Workstation 
Assessment Service 



2. Local Workstation Assessment 
Service performs scan and returns 
workstation credentials^ Network Client 



___ 3. Network Client transmits 
user and workstation credentials 
3 * 0 to Network Service as part of 
regular authentication process. 
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Network Service notifies Network 
Client of authentication results 
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4. Network Service utilizes 
security policy to evaluate 
workstation credentials 
and determine type of 
access. Security policy 
may be stored on the 
Network Server or on a 
Network Policy Server or 
Directory Server. 
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1. Workstation 
Requests 
Service 




2. Network Service 
requests assessment 
of workstation 





3. Network Workstation 
Assessment Server - 
performs workstation 
assessment 
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5. Network Server allows 
access, denies access, or 
allows degraded access 




4. Network Workstation 
Assessment Server sends 

assessment results 
(workstation credentials) 
to network server 
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Browser 



1 . Browser requests login page 



2. Web server sends login page containing authentication plugin 
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3. Authentication plugin 4 - Authentication plugin sends^results to CGI Script n & 
runs in browser, scans 
host, generates results 




6. CGI redirects Browser to appropriate page 




5. CGI script evaluates 
results, decides whether to 
redirect user to logon page 
or redirect user to access 
denied page 
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1. Network Client requests Service 




2. Network Service requests workstation assessment 



3a. Proxy requests 
local assessment 
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4a. Local Assessment 
returned to proxy 



3c. Proxy requests network 
assessment (from Internet) 
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3b. Proxy requests network 
assessment (from LAN) 
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4b. LAN assessment 
returned to proxy 
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4c. Internet assessment 
returned to proxy 

5. Workstation Assessment 
Proxy Service conglomerates all 
workstation assessment results 
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6. Proxy returns 
conglomerated 
assessment results 
to network service 
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8. Network service 
notifies client of 
authentication results. 
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7. Network Service utilizes 
security policy to evaluate 
workstation credentials and 
determine type of access. 
Security policy may be stored 
on the Network Server or on a 
Network Policy Server or 
Directory Server. 
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1 . Network Client 
makes service request- 



2. Network Service requests 
workstation credentials from 
Local Workstation Assessment 
Service 
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3. Local Workstation 
Assessment Service 
Assesses workstation 
integrity and security 
posture, and generates 
workstation credentials 



4. Local Workstation 
Assessment Service 
sends workstation credentials 
to Network Service 
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6. Network Service notifies 
client of type of access granted. 
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5. Network Service utilizes 
security policy to evaluate 
workstation credentials 
and determine type of 
access. Security policy 
may be stored on the 
Network Server or on a 
Network Policy Server or 
Directory Server. 



Figure 9 



